Hi, I have an unix based application and I am trying to view the application details through a browser which are coming from the application's backend database.

I have unix level userid and passwords for this application and how do I authenticate the userid and password from the browser to update/add/delete the data in the application. The authentication should hold good for the entire transaction(i.e logging out of the browser).

I use mySQL for all my database needs. I have a session table and a user table. When some-one logs in I scan the user database and if found I create a random session number. I then expire cookie and create a new cookie and set it to "user=sessionid", I then log in the database the user and session and time. Now All I do is call a routine that splits the cookie and searchs the session database for the user and session. If found I then check if the login in time is not older than 20 mins else he must log in again. This is one way of doing it.